57. A HARDWARE APPROACH TO INFORMATION FLOW SECURITY

Abstract
Hardware/software interfaces are riddled with holes (timing-channels,
undefined instruction behaviors, storage-channels, memory access
backdoors) through which secrets leak and attackers exploit. System
designers are constantly forced to respond to these attacks, often
only after significant damage has been inflicted. We propose a new
hardware foundation for secure computing which will carefully and
precisely manage all flows of information, making them explicit and
verifiable from the hardware logic gates all the way up the system
stack. This can be used to ensure private keys are never leaked (for
secrecy), and that untrusted information will not used in the making
of critical decisions (for safety and fault tolerance) nor in
determining the schedule (real-time).